June 4, 2013

Silicon Valley At Forefront Of US-China Internet Security Talks

War is raging. Negotiations are about to take place. This summit isn't to discuss casualties and drawing new lines on a map. It's to discuss cyber attacks that aim to infiltrate computer networks on both corporate and government levels.

President Barack Obama will meet later this week with Chinese President Xi Jinping in California. The talks will take place on Friday and Saturday in Southern California's Rancho Mirage, reports the AP. The location is South of Silicon Valley, where tech companies such as Facebook, Apple, Google and Twitter -- all of which have been targets of Chinese-sponsored attacks -- are based.

The US government has ramped up its role in blocking cyber attacks. However, the government has, itself, been the target of several recent attacks and concentrates on those attacks more than some of the recent corporate ones.

Tech firms have assumed a certain degree of responsibility in preventing and dealing with cyber attacks.

"To some degree, they were getting a pass," Paul Rosenzweig, a former Department of Homeland Security official who is now part of Red Branch Consulting, a firm that provides national security advice, said in the AP article. "If a car manufacturer made a car that was routinely able to be stolen, they'd be sued. If software is made with gaps that are a liability, they bear some responsibility, and in recent years there's been a sea change in high tech firms accepting that responsibility."

Responsibility means developing or licensing security software that will prevent hackers from gaining access to customer information such as passwords, account numbers and payment information. Security must also protect any company intellectual property, such as product information. In the case of a pharmaceutical company, for example, the formulation for a new drug might be the target of some attacks. For Internet companies, user logins might provide access to payment information such as a credit card, or give hackers a vector to hijack a user's account.

Increased attacks mean an increased pressure on Silicon Valley firms from corporate America,which is increasingly online and at risk of such attacks.

The official line from China's government is a denial of involvement. Defense Ministry spokesman Geng Yansheng said Sunday that the US claims "underestimate the intelligence of the Chinese people." Some sources suggest that the top level of the government may believe that the attacks don't come from them.

Some companies have discussed retaliation attacks, though laws in the US currently prevent such measures. Approving the use of retaliatory attacks is being considered, with some government backing.

"If counterattacks against hackers were legal, there are many techniques that companies could employ that would cause severe damage to the capability of those conducting IP theft," said a document released last month by the Commission on the Theft of American Intellectual Property. The commission is headed by former US Ambassador to China Jon Huntsman and former US Director of National Intelligence Dennis Blair. The document was produced as a recommendation that Congress and the Obama administration reconsider laws banning retaliation.

Talks with China will take place before any such laws are considered. The current administration is putting cyber security high on its agenda.

"Cyber security is a key priority of this administration. It is a key concern that we have," White House spokesman Jay Carney said, Reuters reports, on Air Force One during Obama's recent trip to New Jersey.

"It is an issue that we raise at every level in our meetings with our Chinese counterparts, and I'm sure it will be a topic of discussion when the president meets with President Xi in California in early June," Carney said.